package club.ljwang.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @Auther: wangl
 * @Date: 2020/3/7 16:25
 * @Description:
 */


@RestController
@RequestMapping("checkitem")
public class HelloController {
    @RequestMapping("add")
    @PreAuthorize("hasAuthority('checkitem_add')")//表示用户必须拥有add权限才能调用当前方法
    public String add() {
        System.out.println("add...");
        return "add";
    }

    @RequestMapping("delete")
    //@PreAuthorize("hasRole('ROLE_admin')")//表示用户必须拥有ROLE_ADMIN角色才能调用当前方法
    @PreAuthorize("hasAuthority('checkitem_del')")
    public String delete() {
        System.out.println("delete...");
        return "delete";
    }
}